Commit d6ea392
committed
fix(extensions): escape untrusted values in Rich markup output
User-provided arguments and extension/catalog metadata (names, descriptions, versions, IDs, paths) were interpolated into Rich markup strings without escaping. Values containing markup sequences (e.g. [red]...) would be parsed as markup, allowing output injection that could corrupt or mislead CLI messages.
Wrap all such interpolations with rich.markup.escape across the extension/catalog command handlers: list, search, info (_print_extension_info), add (including --dev paths), remove, enable, disable, set-priority, update, and the ambiguous-match resolvers (error strings and Table rows). Reuse the already-computed safe_extension where available.
Escaping is a no-op for benign strings, so normal output is unchanged.1 parent a49e272 commit d6ea392
1 file changed
Lines changed: 100 additions & 91 deletions
0 commit comments